News

Apple issues urgent iPhone iOS upgrade; how to protect your phone

Human rights activist Ahmed Mansoor shows Associated Press journalists a screenshot of a spoof text message he received in Ajman, United Arab Emirates, on Thursday, Aug. 25, 2016.  (AP Photo/Jon Gambrell)

Spyware developed by an Israeli company and used to spy on an Arab human rights activist has led Apple to issue a global upgrade for several of its products.

It is believed that three previously undisclosed vulnerabilities in Apple’s operation system were exploited by an organization called the NSO Group. The NSO Group allegedly used the three newly discovered weaknesses in iOS, Apple’s operating system, to take control of iPhone devices, including being allowed to read text messages and emails,  track calls and have access to the phone owner’s contact lists.

A  New York Times story says the software used, considered by some as the most sophisticated spyware package in the world, can also record sounds made around the phone, trace the users location and collect passwords put into the system.

An Apple spokesperson said: “We were made aware of this vulnerability and immediately fixed it with iOS 9.3.5. We advise all of our customers to always download the latest version of iOS to protect themselves against potential security exploits.”

According to a story from the Telegraph, Apple was tipped off by researchers, Bill Marczak and John Scott Railton, at Citizen Lab at the University of Toronto's Munk School of Global Affairs, and Lookout, a San Francisco mobile security company.

The existence of the software became known when Ahmed Mansoor, a human rights activist in the United Arab Emirates, began receiving suspicious text messages and asked researchers at Citizen Lab to determine if he was being hacked. He was, through his iPhone.

Once Apple was notified, the company created a “patch,” within 10 days and sent out the upgrade on Thursday.  (A patch is a piece of software designed to  update a computer program or fix a security breach).

How do I update my iOS?

Here, from Apple, are the instructions on how to find  the latest updates and install them.

If a message says that an update is available, tap Install Now. You can also follow these steps:

1. Plug your device into power and connect to the Internet with Wi-Fi.

2. Tap Settings > General > Software Update.

3. Tap Download and Install. If a message asks to temporarily remove apps because iOS needs more space for the update, tap Continue. Later, iOS will reinstall apps that it removed.

4. To update now, tap Install. Or you can tap Later and choose Install Tonight or Remind Me Later. If you tap Install Tonight, just plug your iOS device into power before you go to sleep. Your device will update automatically overnight.

5. If asked, enter your passcode.

How do I keep my iPhone safe from hacks?

Here are some tips from the TelegraphWebroot and MacWorld on how to avoid being hacked.

1. Make sure you are running the most recent iOS, and if you are not, be sure to install iOS updates promptly.

2. Activate "Find my Phone." If you do and your phone is lost or stolen, you can wipe your iPhone clean of any personal information. There is an option on "Find my Phone" that lets  you erase any personal information even if the phone is not in your possession.

3. Avoid using unprotected Bluetooth networks and turn off your Bluetooth service when you aren't using it.

4. Consider using a passphrase instead of a passcode. It's harder to hack.

5. Skip autofill. It's nice not to have to type your name and address each time, but using autofill to do it may be more of a convenience  for hackers than for you.

6. Activate the feature that will erase all information on the phone after 10 incorrect passcode guesses. It's called "Erase Data" in the Settings section of the phone. (MacWorld warns that you should use automatic iCloud backup  if you chose this feature.)

7. Use a protected app to store pin and credit card numbers, or don't store them on the phone at all.

8. Siri can leak data even when your phone is locked. Turn her off.

9. Don't click on emails or texts that you don't recognize.